4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
Bui Quang Minh discovered that libxml2, a library for parsing and
handling XML data files, does not well process a malformed XPATH,
causing crash and allowing arbitrary code execution.
For the stable distribution (lenny), this problem has been fixed in
version 2.6.32.dfsg-5+lenny2.
For the testing (squeeze) and unstable (sid) distribution, this problem
has been fixed in version 2.7.8.dfsg-1.
We recommend that you upgrade your libxml2 package.
CPE | Name | Operator | Version |
---|---|---|---|
libxml2 | eq | 2.6.32.dfsg-5+lenny1 | |
libxml2 | eq | 2.6.32.dfsg-5 |